07-21-2011 04:08 AM - edited 03-11-2019 02:01 PM
Hello,
I face a problem on timeout. there are two servers one in DMZ and the other on the inside network. Those servers continously communicate and after a long hour, like 10 hrs, socket read time out error occured. When I move the DMZ server to the inside network it works perfectly. Access rule is configured from DMZ server to the inside and vice versa.
So if there is something on timeout that should be configured on the firewall please advice.
Thank you in advance
Mulu
07-21-2011 04:11 AM
Hi,
could you just provide an output of show run from the ASA, please also do collect the logs from the time when such a disconnect happensd from the ASA.
Thanks,
Varun
07-22-2011 01:50 AM
Thank you Varun for your fast response.
This is the wierd thing. The servers communicate on day time(working hours) perfectly. but the error occurs during night time(off hours). There are no logs on the ASA, may be the problem is due to idel time out connection. Is there any default behaviour on the ASA that will stop when the connection between the servers is idle(no session). The servers are Weblogic and database servers.
Thank you
07-22-2011 02:03 AM
Hi,
Yes there is a an ideal timeout behavior set on the firewall , but you would need to check the values, for that you can do:
show run timeout
this would tell you all the timeout values set on the firewall for connection timeouts. I would still suggest to check the logs and server setting as well, in the logs if you can see that the built connection was teared down due to timeout and after that the user send a packet for that connection, then the ASA would definitely drop it and hence the error message that you get. On the server you can check if it is sending keepalives for the idle connection so that the connection doesn't time out.
Hope this helps you out.
Thanks,
Varun
07-22-2011 04:59 AM
Thank You Varun,
Hope it will solve it. I will check it today and i will be back to you.
Thank you
Mulu
07-25-2011 05:12 AM
Thank you Varun,
Its solved. The problem was on idel timeout. I appreciate your great help.
Thank you
Mulu
08-03-2011 12:52 AM
Dear Varun,
I have faced one problem on the SSL Clientless vpn. It gives me Socket write error when i connect to the server through SSL, but i map the server with public IP and access it directly and at this time the error disappears. Any configuration the i can tune on the SSL configuration.?
Thank you
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide